|
|
Colapse all |
Post message
UPDATE: [ GLSA 200506-20 ] Cacti: Several vulnerabilities 2005-07-07 Thierry Carrez (koon gentoo org) Re: ICMP vulnerabilities 2005-07-07 Bob Beck (beck bofh cns ualberta ca) > > > > Please read the article. My take on this is that there are people > > who don't want to fix this. > > > > This isn't news news, I've been tinkering with something along these > lines since 1999: > Well, your article is your ponderings of how tcp work, and brat.c does nothing like an MTU [ more ] [ reply ] USENIX Security Symposium, July 31, Baltimore, Maryland, USA 2005-07-07 Peter Mui (pmui usenix org) (Hi: Is the following an appropriate posting to bugtraq (at) securityfocus (dot) com [email concealed]? We don't want to be perceived as spamming, but the conference is coming up soon. Thanks! -Peter) (cut here) ================================================= (EARLY BIRD REGISTRATION ENDS July 11 -- Register Now!!) Regis [ more ] [ reply ] RE: /dev/random is probably not 2005-07-07 David Schwartz (davids webmaster com) > > At the last place at which I worked, a few years ago, a "random > > number" was generated, and used in a FIPS 140-1 compliant > > encryption device, by capturing 128 ethernet frames in sequence > > from the local in-house network, gathering the LSB from the > > arrival time of each frame, and u [ more ] [ reply ] [SECURITY] [DSA 742-1] New cvs packages fix arbitrary code execution 2005-07-07 joey infodrom org (Martin Schulze) ToorCon 2005 Call for Papers 2005-07-07 h1kari (at) toorcon (dot) org [email concealed] (h1kari toorcon org) TOORCON 2005 CALL FOR PAPERS - issued July 7th 2005 Papers and presentations are being accepted for ToorCon 2005 to be held at the Convention Center in San Diego, CA on September 24th-26th. Please email your submissions to cfp (at) toorcon (dot) org [email concealed], submissions will be accepted until August 15th 2005. AB [ more ] [ reply ] Advisory 08/2005: PunBB SQL Injection Vulnerability 2005-07-07 Stefan Esser (sesser hardened-php net) Advisory 09/2005: PunBB arbitrary PHP code inclusion vulnerability 2005-07-07 Stefan Esser (sesser hardened-php net) Re: ICMP Vulnerabilities 2005-07-08 Dragos Ruiu (dr kyx net) On Thursday, 7 July 2005 J. Oquendo wrote: > This isn't news news, I've been tinkering with something along > these lines since 1999 Well you may have known about the problem, but you didn't fix it. The news isn't the problem, it's the FIX. The fix which people haven't applied to their OS distribut [ more ] [ reply ] [SECURITY] [DSA 736-2] New spamassassin packages fix potential DOS 2005-07-08 Michael Stone (mstone klecker debian org) [SECURITY] [DSA 735-2] New sudo packages fix pathname validation race 2005-07-08 Michael Stone (mstone klecker debian org) Security Advisory for Bugzilla 2.18.1 and 2.19.3 2005-07-08 mkanat bugzilla org Summary ======= Bugzilla is a Web-based bug-tracking system, used by a large number of software projects. This advisory covers two security bugs that have recently been discovered and fixed in the Bugzilla code: + Any user can change a flag on any bug. This also allows the attacker to expose [ more ] [ reply ] Fwd: [VOIPSEC] VoIP-Phones: Weakness in proccessing SIP-Notify-Messages 2005-07-08 gary madsen (gmads seclists gmail com) FYI ---------- Forwarded message ---------- From: Mark Teicher <mht3 (at) earthlink (dot) net [email concealed]> Date: Jul 7, 2005 7:06 PM Subject: Re: [VOIPSEC] VoIP-Phones: Weakness in proccessing SIP-Notify-Messages To: Tobias Glemser <tglemser (at) tele-consulting (dot) com [email concealed]> Cc: voipsec (at) voipsa (dot) org [email concealed] Interesting results when executed [ more ] [ reply ] SiteMinder Multiple Vulnerabilities 2005-07-08 c0ntexb gmail com /* ************************************************************************ ***************************************** $ An open security advisory #10 - Siteminder v5.5 Vulnerabilities ************************************************************************ ************************************** [ more ] [ reply ] [SECURITY] [DSA 743-1] New ht packages fix arbitrary code execution 2005-07-08 joey infodrom org (Martin Schulze) [SECURITY] [DSA 744-1] New fuse packages fix information disclosure 2005-07-08 joey infodrom org (Martin Schulze) SUSE Security Announcement: php/pear XML RPC remote code execution (SUSE-SA:2005:041) 2005-07-08 Marcus Meissner (meissner suse de) [Bday release] Comersus shopping cart has multiple Sql injection and Cross Site Scripting vulnerabilities 2005-07-07 dcrab hackerscenter com Dcrab 's Security Advisory http://www.dbtech.org Deadbolt Computer Technologies ****************************** SPECIAL BIRTHDAY RELEASE, 18TH BIRTHDAY RELEASE FOR DIABOLIC CRAB, YOU CAN SEND EMAILS TO DCRAB (at) HACKERSCENTER (dot) COM [email concealed] ****************************** Get Dcrab's Services to audit your Web ser [ more ] [ reply ] [SECURITY] [DSA 741-1] New bzip2 packages prevent decompression bomb 2005-07-07 joey infodrom org (Martin Schulze) [OpenPKG-SA-2005.013] OpenPKG Security Advisory (zlib) 2005-07-07 OpenPKG (openpkg openpkg org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ________________________________________________________________________ OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org openpkg-security (at) openpkg (dot) org [email concealed] [ more ] [ reply ] NULL sessions vulnerabilities using alternate named pipes 2005-07-07 Jean-Baptiste Marchand (Jean-Baptiste Marchand hsc fr) PNGƒJƒEƒ“ƒ^+—pƒƒO‰ð̓XƒNƒŠƒvƒg remote commands execution vulnerability 2005-07-07 blahplok yahoo com Multiple vulnerabilities in Lantronix SLC console server 2005-07-07 spam drwetter org Hi, I stumbled on another bug during my review for console servers: Summary: Lantronix SecureLinx console server: Retrieval of ssh-private keys and system logfiles Confirmed on SLC32, Software version: 2.0, 3.0 very likely on all models of SLC series (SLC8, 16, 32, 48) www.lantronix.com Detail [ more ] [ reply ] RE: Microsoft Word Protection Bypass 2005-07-07 Walter Wickersham (wwickersham printinc com) I usually open it in OpenOffice and remove the protection there (use openoffice2.0) then save it as a word file again -----Original Message----- From: Dave.Collins (at) tetratech (dot) com [email concealed] [mailto:Dave.Collins (at) tetratech (dot) com [email concealed]] Sent: Wednesday, July 06, 2005 1:11 PM To: bugtraq (at) securityfocus (dot) com [email concealed] Subject: Re: Mic [ more ] [ reply ] |
|
Privacy Statement |
Gentoo Linux Security Advisory [UPDATE] GLSA 200506-20:02
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - -
[ more ] [ reply ]